If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Equivalent Security Classes

Hi guys,
Iím a new member of the forum and I need help! Iím graduated in January in Engineering of the Telecommunications and I am working from two weeks to a Cryptography project. In the course of my studies I have not had way to study arguments of the sort and my competences in merit are not very techniques. The customer has asked to my team to catalogue the existing algorithms subdividing the principals in equivalent classes of security. The parameter for the realization of the table is the force of the algorithm that is the order of magnitude of the number of operations statistically necessary to the better attack in order to force that algorithm. The problem is that I canít find no document that make me able to subdivide the equivalent classes of security.
That I would have to obtain is one table in which, as an example, to put in class the 4 (less sure) all the algorithms with smaller force of, as an example, 80 bit; in class three all those with force comprised between, as an example, 80 and 128 bits; in class 2 those with force comprised, as an example, between 129 and 256 bit and in class 1 all those with force > of 256 bits. Someone can tell me if there is a way to characterize the equivalent classes motivating because in the various classes there are the algorithms with a given force (for example in class 4 there could be algorithms absolutely insecure)?
I hope that someone helps me because I am thruly in great troubles!

this is a rather difficult problem. As SirDice says, algorithm strength is not proportional to strength. Clearly, the more bits you use to encrypt the more possibilities you generate for a brute force algorithm. However, if the encryption algorithm is slightly flawed in that (making up an example) it always encrypts "e" to "47" and "m" to "~!" the odds drastically change.

Thats before you even consider the data being encrypted or the user. A user that sets an encryption key to "password" with the best algorithm in the world still has a problem. Also, when you encrypt things like source code you create a frequency analysis vulnerability as source code contains many repeats of words like "void", "while", "if", "else",.....

Short answer, "strongest" encryption is hard to define.

If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.